Global Tenant Scope

Tenant is an isolated workspace within the Palette Console. Users and Teams with specific Roles can be associated with the Tenant(s) you create.

Palette has adopted the security principle of least privilege. Each user is assigned Roles and Permissions to the scopes, resources, and resourceKey. The Permissions format is resourceKey.operation, where resourceKey refers to resource or the API functionality, and Operation refers to the permitted action or activitie.

To view a list of the predefined roles and permissions, go to Tenant Settings > Roles, and you will find the list of Global Roles. If you need to extend your permissions, use the Create Role option.

Below is the list of Roles and Permissions that already predefined for the Global Tenant Scope:




Tenants


Role NamesDescription
Tenant AdminThe Tenant Administrator role allows the user to create projects and manage projects within the tenant, covered under all operations related to projects
Tenant ViewerTenant Viewer has a read only access to all the project resources
Tenant Project AdminThe role with complete access to an existing project

The table enlists the role wise resourceKeys and Operations that are predefined under the Global Tenant Scope:




Tenant Admin


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
cloudaccount
cloudconfig
cluster
clusterProfile
clusterRbac
dnsMapping
edgehost
location
machine
macro
packRegistry
privateGateway
project
role
sshKey
team
user
workspace





Cluster Profile


Role NamesDescription
Tenant Cluster Profile AdminA role which has complete access to all the Cluster Profile related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
clusterProfile
macro
packRegistry



Tenant Role


Role NamesDescription
Tenant Role AdminA role which has complete access to all the Role related perations
CreateDeleteGetListUpdateImportPublishBackupRestore
role



Tenant Team


Role NamesDescription
Tenant Team AdminA role which has complete access to all the Team related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
team
user



Tenant User


Role NamesDescription
Tenant User Admin RoleA role which has complete access to all the User related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
user